Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Ransomware Payments Decline While Data Exfiltration Payments Are On The Rise

The latest data from Coveware shows a slowing of attack efficacy, a decrease in ransom payments being made, and a shift in initial access tactics. According to Coveware’s Q2 2024 Ransomware Quarterly Report, we see a few interesting trends: A new data point brought to light this quarter is the data exfiltration only (DXF) payment trend, which is relatively flat despite fluctuating between 53% in Q1 of 2022 when tracking began, down to a low of 23% in Q1 of this year.

FBI and International Partners Dismantle Dispossessor Ransomware Operation

In a major breakthrough against cybercrime, the FBI, in collaboration with international partners, successfully disrupted the Dispossessor ransomware operation, seizing its servers and websites. This operation, which involved agencies from the United States, the United Kingdom, and Germany, marks a significant step forward in the global fight against ransomware.

Ransomware Kingpin Who Called Himself "J P Morgan" Extradited to the United States

An investigation dating back almost ten years has seen the extradition this week to the United States of a man suspected to be the head of one the world's most prolific Russian-speaking cybercriminal gangs. The UK's National Crime Agency (NCA) says it has been investigating a cybercriminal using the online handle "J P Morgan" since 2015, alongside parallel investigations run by the United States FBI and Secret Service.

RansomHub: The New Kid on the Block to Know

The ransomware group – RansomHub – has emerged as a significant player in the ransomware landscape, making bold claims and substantiating them with data leaks. It emerged after the Federal Bureau of Investigation (FBI) disrupted ALPHV’s ransomware operation on December 19, 2023. There are assumptions that RansomHub is the “spiritual successor” of ALPHV group that operates with the help of former ALPHV affiliates.

Chameleon Malware Poses as CRM App

Researchers at ThreatFabric warn that a phishing campaign is distributing the Chameleon Android malware by impersonating a Customer Relationship Management (CRM) app. The campaign is currently targeting users in Canada and Europe, but may expand to other regions. “The naming used for the dropper and the payloads clearly shows that the intended victims of the campaign are hospitality workers and potentially B2C business employees in general,” ThreatFabric says.

Double Extortion Ransomware: What It Is and How To Avoid It

Double extortion ransomware is a type of cyber attack in which cybercriminals steal sensitive data and encrypt it. Then, cybercriminals threaten to release the stolen data unless the victim pays a ransom. The additional threat of exfiltration makes this type of cyber attack particularly damaging for organizations, as they face the risk of sensitive data being exposed to the public or sold on the dark web.

The Most Recent Malware Attacks on Companies in 2024

2024 has been quite the year for malware attacks. So far this year, major companies like Change Healthcare, Ticketmaster, Ascension Hospital, ABN AMRO and CDK Global have all been affected by malware attacks. Keep reading to learn more about each of these major malware attacks and how your company can protect itself from malware attacks.

Updated SafeBreach Coverage for US CERT Alert AA23-061A - BlackSuit (Royal) Ransomware

On August 7th, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) issued an update to an existing advisory (AA23-061A) highlighting new TTPs being leveraged by the recently rebranded “Royal” ransomware gang – now known as BlackSuit. Detailed information about this threat and the associated IOCs and TTPs can be seen on #StopRansomware: Blacksuit (Royal) Ransomware.

Rubrik Named Five Times A Leader and Five Times Furthest in Vision: We Believe a Testament to Cyber Resilience

I am proud to announce that Rubrik has been recognized as a leader not just once but five consecutive times – we believe this is a testament to our vision and commitment to cyber resilience. This recognition in the Gartner Magic Quadrant for Enterprise Backup and Recovery Solutions (EBRSS)1 is a significant milestone for us, and it reaffirms our dedication to empowering organizations to navigate the complexities of data security and protect against evolving cyber threats.